System Command Injection in TOTOLINK A3002RU Router
CVE-2018-13314
9.8CRITICAL
What is CVE-2018-13314?
A system command injection vulnerability exists in the TOTOLINK A3002RU router, specifically within the formAliasIp function. By manipulating the 'ipAddr' POST parameter, attackers can execute arbitrary system commands, potentially compromising the device's integrity and allowing unauthorized access to sensitive functions.
